28 matches found
EUVD-2019-14670
Malware in sbrugna...
EUVD-2018-0503
Malware in sbrugna...
CVE-2018-17785
In blynk-server in Blynk before 0.39.7, Directory Traversal exists via a ../ in a URI that has /static or /static/js at the beginning, as demonstrated by reading the /etc/passwd file...
CVE-2019-5065
An exploitable information disclosure vulnerability exists in the packet-parsing functionality of Blynk-Library v0.6.1. A specially crafted packet can cause an unterminated strncpy, resulting in information disclosure. An attacker can send a packet to trigger this vulnerability...
Malicious code in blynk-ide (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 87b8ecd5d02a552747321d52fd162a15432bc2afa8976448f1fbb620ba818180 Any computer that has this package installed or running should be considered...
MAL-2025-1025 Malicious code in blynk-ide (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 87b8ecd5d02a552747321d52fd162a15432bc2afa8976448f1fbb620ba818180 Any computer that has this package installed or running should be considered...
CVE-2022-29496
A stack-based buffer overflow vulnerability exists in the BlynkConsole.h runCommand functionality of Blynk -Library v1.0.1. A specially-crafted network request can lead to command execution. An attacker can send a network request to trigger this vulnerability...
Stack overflow
A stack-based buffer overflow vulnerability exists in the BlynkConsole.h runCommand functionality of Blynk -Library v1.0.1. A specially-crafted network request can lead to command execution. An attacker can send a network request to trigger this vulnerability...
CVE-2022-29496
A stack-based buffer overflow vulnerability exists in the BlynkConsole.h runCommand functionality of Blynk -Library v1.0.1. A specially-crafted network request can lead to command execution. An attacker can send a network request to trigger this vulnerability...
CVE-2022-29496
Summary: CVE-2022-29496 is a stack-based buffer overflow in Blynk-Library v1.0.1, specifically in the BlynkConsole.h runCommand function. The issue arises because split_argv can overflow the stack when parsing commands with more than seven spaces, allowing an attacker to overwrite the return addr...
Blynk 缓冲区错误漏洞
Blynk is a set of Internet of Things IoT platform from Blynk Inc. in the United States. A security vulnerability exists in Blynk v1.0.1, which stems from a stack-based buffer overflow vulnerability in the BlynkConsole.h runCommand function, which allows an attacker to send a network request to...
Blynk Blynk-Library BlynkConsole.h runCommand stack-based buffer overflow vulnerability
Summary A stack-based buffer overflow vulnerability exists in the BlynkConsole.h runCommand functionality of Blynk -Library v1.0.1. A specially-crafted network request can lead to command execution. An attacker can send a network request to trigger this vulnerability. Tested Versions Blynk -Libra...
CVE-2019-5065
An exploitable information disclosure vulnerability exists in the packet-parsing functionality of Blynk-Library v0.6.1. A specially crafted packet can cause an unterminated strncpy, resulting in information disclosure. An attacker can send a packet to trigger this vulnerability...
CVE-2019-5065
An exploitable information disclosure vulnerability exists in the packet-parsing functionality of Blynk-Library v0.6.1. A specially crafted packet can cause an unterminated strncpy, resulting in information disclosure. An attacker can send a packet to trigger this vulnerability...
Information disclosure
An exploitable information disclosure vulnerability exists in the packet-parsing functionality of Blynk-Library v0.6.1. A specially crafted packet can cause an unterminated strncpy, resulting in information disclosure. An attacker can send a packet to trigger this vulnerability...
CVE-2019-5065
Blynk-Library v0.6.1 contains an information-disclosure vulnerability in the packet-parsing path (BlynkProtocol::processInput). Specifically, in the BLYNK_CMD_REDIRECT handling, the code allocates 32 bytes for redir_serv and copies exactly 32 bytes via strncpy, which can result in a non-null-term...
CVE-2019-5065
An exploitable information disclosure vulnerability exists in the packet-parsing functionality of Blynk-Library v0.6.1. A specially crafted packet can cause an unterminated strncpy, resulting in information disclosure. An attacker can send a packet to trigger this vulnerability...
Vulnerability Spotlight: Information disclosure vulnerability in Blynk-Library
Lilith Wyatt of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered an information disclosure vulnerability in Blynk-Library. Blynk-Library is a small library for connecting more than 400 different embedded device models into a private or enterprise Blynk-Server instance...
Blynk-Library Information Disclosure Vulnerability
Blynk is a suite of IoT platforms from Blynk Inc. in the U.S. Blynk-Library is a Blynk library for embedded hardware. An information disclosure vulnerability exists in the packet parsing function in Blynk-Library version v0.6.1. The vulnerability stems from errors in configuration and other error...
Blynk inc. Blynk-Library BlynkProtocol<Transp>::processInput() information disclosure vulnerability
Summary An exploitable information disclosure vulnerability exists in the packet-parsing functionality of Blynk-Library v0.6.1. A specially crafted packet can cause an unterminated strncpy, resulting in information disclosure. An attacker can send a packet to trigger this vulnerability. Tested...